Are Remote Users Threatening Your Security? (continued)
"Part of the problem is in the number of remote access methods and the sloppiness of the way things are managed,'' says Oltsik. "Companies tend to have multiple ways they allow remote workers to get onto their systems."
Those workers may have user accounts and laptops they just don't manage properly. IT needs to get a better handle on what is on an employee's laptop. "Managing it is as important as providing the access," says Oltsik. "IT doesn't look at remote access as an end-to-end solution but as a point requirement, and doesn't integrate it into security as a whole."
Both Oltsik and Howard recommend deploying an IDS (intrusion detection system) and/or an IPS (intrusion prevention system), which both examine incoming network traffic and block it or alert a network administrator if the system sees something suspicious.
Companies make an incorrect assumption that once someone is given a remote access account they have the appropriate credentials. But Oltsik says no one accessing the network should be trusted until the proper steps have been taken to ensure they do not pose a security threat. Strong auditing and reporting is also lacking and that's a function of having too many different accounts in too many places, making it difficult to get an adequate big picture, the experts say. A classic example is when a female employee gets married and changes her name -- her old account is then deleted in one place on the network but not another. If someone knows about that vulnerability, they can exploit it. (article continues)
<< Previous Page
Next Page >>
Schedule / Personalities
